In November last year Steam got hacked and the service’s forums were defaced. At the time, it was also confirmed the user database had been accessed, but no confirmation was given as to what exactly had been taken.

Today, Valve’s managing director Gabe Newell has posted on Steam updating us as to the investigation and what they have discovered so far. It seems that the hacker managed to grab a backup file containing user transactions that occurred between 2004 and 2008. Thankfully the billing address and credit card details were encrypted in that file, but usernames and email addresses were also present and not encrypted.

Gabe says there’s no evidence the encryption has been circumvented on that file, and in all likelihood the addresses and card details remain safe. It’s also likely that if they had been accessed, by now Steam users would have seen fraud appearing on their cards. It’s also likely a lot of those cards have now expired as they usually only last for 3-4 years before a new one is issued by your bank or credit card company.

Depending on where you live in the U.S. you may receive a notice about the investigation. It is apparently far from over with Valve still keen to track down who managed to compromise their system.

Hopefully everyone took measures to secure their identity and cards following the announcement of the hack last November. If you haven’t seen any malicious activity yet, it’s unlikely you will as all usable information would have been used already.